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1 This action is in response to the communication filed on 1 1/26/2003. 

2 DETAILED ACTION 

3 Claims 1-41 have been examined. 

4 Title 

5 The title of the invention is not descriptive. A new title is required that is clearly 

6 indicative of the invention to which the claims are directed. 

7 Priority 

8 This application claims priority to Provisional Application 60/482,763*, filed on 

9 6/27/2003. 

10 Therefore, the effective filing date for the subject matter defined in the pending claims in 

1 1 this application is 6/27/2003 . 

1 2 Information Disclosure Statement 

13 The information disclosure statement(s) (IDS) submitted on 1 1/26/2003 are in 

14 compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the 

15 information disclosure statements. However, the examiner notes, as indicated on the signed 

16 copy, that the references listed in the IDS did not properly identify the pertinent pages of each 

17 reference, and as such were not considered. 

18 Drawings 

19 The drawings filed on 1 1/26/2003 are acceptable for examination proceedings. 

20 Specification 

21 Applicant is reminded of the proper language and format for an abstract of the disclosure. 
22 

23 The abstract should be in narrative form and generally limited to a single paragraph on 

24 a separate sheet within the range of 50 to 150 words. It is important that the abstract not exceed 
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1 150 words in length since the space provided for the abstract on the computer tape used by the 

2 printer is limited. The form and legal phraseology often used in patent claims, such as 1 f means" 

3 and "said, " should be avoided. The abstract should describe the disclosure sufficiently to assist 

4 readers in deciding whether there is a need for consulting the full patent text for details. 

5 ■ 

6 The language should be clear and concise and should not repeat information given in the 

7 title. It should avoid using phrases which can be implied, such as, "The disclosure concerns, " 

8 "The disclosure defined by this invention, " "The disclosure describes, " etc. 
9 

10 The abstract of the disclosure is objected to because: 

1 1 The abstract contains multiple phrases which can be implied, such as "a method for", "is 

12 provided", "according to one embodiment", "the method includes the steps of, etc. The 

13 examiner further recommends that the abstract provide description of the types of information 

14 which may be required for performing the validity check, and description regarding the 

15 intermediate nodes, as this would aid a person reading the abstract in understanding the heart of 

1 6 the invention. 

17 Correction is required. See MPEP § 608.01(b). 

18 The disclosure is objected to because it contains a plurality of embedded hyperlinks 

19 and/or other form of browser-executable code. Applicant is required to delete the embedded 

20 hyperlink and/or other form of browser-executable code. See MPEP § 608.01. Appropriate 

21 correction is required. 

22 The examiner further notes the applicants' usage of the language "all necessary 

23 information required for performing a validity check" in the claims and throughout the 

24 specification. In order to remain consistent with the specification, the examiner has interpreted 

25 the usage of this language, for the purposes of searching and applying prior art, as meaning "all 

26 necessary information required for performing a validity check without the checking entity 

27 needing to further communicate with the sending network node". This interpretation is 
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1 consistent with the specification, as the specification clearly shows that the checking node does 

2 not require further communication with the sending node in order to perform the validity 

3 checking, but that the checking entity may need to receive additional information from 

4 somewhere (i.e. a certificate authority) in order to perform the validity checking. 

5 Claim Objections 

6 For the applicants' future reference: 

7 A series of singular dependent claims is permissible in which a dependent claim refers to 

8 a preceding claim which, in turn, refers to another preceding claim, 

9 A claim which depends from a dependent claim should not be separated by any claim 

1 0 which does not also depend from said dependent claim. It should be kept in mind that a 

1 1 dependent claim may refer to any preceding independent claim. In general, applicant's sequence 

12 will not be changed See MPEP § 608.01(n). 
13 

14 

15 Claims 15-17, and 32 are objected to under 37 CFR 1.75, second paragraph, as being 

16 indefinite for failing to particularly point out and distinctly claim the subject matter which 

17 applicant regards as the invention. 

18 Regarding claims 15 and 32, "the Public Key" lacks antecedent basis in the claims, and 

19 further should not be capitalized. 

20 Regarding claim 16 and 17, the lack of punctuation renders the claim unclear as to what 

21 is performing the validity check. The examiner suggests the following "performing a validity 
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1 check, in a receiving node, of a packet by referring to the validity information contained in the 

2 header of the packet", for example. 

3 Appropriate correction is required. 

4 Claim Rejections - 35 USC §102 

5 The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 

6 basis for the rejections under this section made in this Office action: 

7 A person shall be entitled to a patent unless - 

8 (b) the invention was patented or described in a printed publication in this or a foreign 

9 country or in public use or on sale in this country, more than one year prior to the date of 
10 application for patent in the United States. 

11 

12 Claims 1-3, 5-10, 15-21, 23-26, 32, 34, 36, 37, 40, and 41 are rejected under 35 

13 U.S.C. 102(b) as being anticipated by Gupta et al. (US Patent Number 6,389,532) hereinafter 

14 referred to as Gupta. 

15 Regarding claim 1, Gupta disclosed a method for protecting packets to be sent from a 

16 first network node (See Gupta Fig. 1 Element 108) to a second network node (See Gupta Fig. 1 

17 Element 104 or 1 12), comprising the steps of: generating validity information for a packet (See 

18 Gupta Figs. 5-6 and Col. 6 Paragraphs 2-4), wherein the validity information comprises all 

19 necessary information required for performing a validity check of the packet (See Gupta Fig 7 

20 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2); generating a header for the packet, comprising the 

21 validity information (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4); and sending the packet 

22 including the header from a first network node to a second network node (See Gupta Col. 6 

23 Paragraph 4). 

24 Regarding claim 1 8, Gupta disclosed a network node for sending packets (See Gupta Fig. 
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1 1 Element 108) to a receiving network node (See Gupta Fig. 1 Element 104 or 1 12), comprising: 

2 first generating means for generating validity information for a packet (See Gupta Figs. 5-6 and 

3 Col. 6 Paragraphs 2-4); second generating means for generating a header for the packet, 

4 comprising the validity information (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4); and sending 

5 means for sending the packet including the header to a receiving network node (See Gupta Col. 6 

6 Paragraph 4), wherein the validity information comprises all necessary information required for 

7 performing a validity check of the packet (See Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 

8 Paragraph 2). 

9 Regarding claim 19, Gupta disclosed a network node (See Gupta Fig. 1 Element 104 or 

10 112) comprising: receiving means for receiving packets from a sending network node (See Gupta 

1 1 Fig. 1 Element 108) (See Gupta Fig. 7 and Col. 6 Paragraph 5); and performing means for 

12 performing a validity check of a packet by referring to validity information contained in a header 

13 of the packet (See Gupta Fig. 7 and Col. 7 Paragraph 2), wherein the validity information 

14 comprises all necessary information required for performing the validity check of the packet (See 

15 Gupta Fig. 7 and Col. 6 Paragraph 5). 

16 Regarding claim 20, Gupta disclosed a network node (See Gupta Fig. 1 Element 104) 

17 comprising: forwarding means for forwarding packets from a sending network node to a 

1 8 receiving network node (See Gupta Fig. 7 and Col. 7 Paragraph 2); and performing means for 

19 performing a validity check of a packet by referring to validity information contained in a header 

20 of the packet (See Gupta Fig. 7 and Col. 7 Paragraph 2), wherein the validity information 

21 comprises all necessary information required for performing a validity check of the packet (See 

22 Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2). 
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1 Regarding claim 34, Gupta disclosed a network system (See Gupta Fig. 1) comprising: a 

2 first network node (See Gupta Fig. 1 Element 108) configured to send a packet, wherein the first 

3 network node comprises first generating means for generating validity information for a packet 

4 (See Gupta Fig. 3 and Col. 6 Paragraphs 3-4), second generating means for generating a header 

5 for the packet, comprising the validity information (See Gupta Col. 6 Paragraph 4); sending 

6 means for sending the packet including the header to a receiving network node (See Gupta Fig. 1 

7 Element 104 or 1 12) (See Gupta Col. 6 Paragraph 4), wherein the validity information comprises 

8 all necessary information required for performing a validity check of the packet (See Gupta Fig 7 

9 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2); and a second network node configured to receive 

10 the packet (See Gupta Fig. 1 Element 104 or 1 12), wherein the second network node comprises 

1 1 performing means for performing a validity check of a packet by referring to validity information 

12 contained in a header of the packet (See Gupta Fig. 7 and Col. 7 Paragraph 2), wherein the 

13 validity information comprises all necessary information required for performing the validity 

14 check of the packet (See Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2). 

15 Regarding claims 2, 21, 36, and 37, Gupta disclosed that the step of generating the 

16 validity information comprises generating security information indicating security services 

17 applied to the packet (See Gupta Col. 5 Paragraph 7). 

1 8 Regarding claim 3, Gupta disclosed that the step of generating the validity information 

19 comprises generating algorithm information to be used for performing the validity check of the 

20 packet (See Gupta Col. 6 Paragraphs 3-4). 

21 Regarding claim 5, Gupta disclosed that the step of generating the algorithm information 

22 comprises generating the algorithm information which comprises values to initialize an 
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1 algorithm to be used for performing the validity check of the packet (See Gupta Col. 6 

2 Paragraphs 3-4, the data, the key index, the signature, or the fingerprint, for example). 

3 Regarding claims 6, 23, 40, and 41, Gupta disclosed that the step of generating the 

4 validity information comprises generating public key information of a sending node (See Gupta 

5 Col. 6 Paragraphs 2-6, for example the public and private key pair, or the key index). 

6 Regarding claims 7 and 24, Gupta disclosed that the step of generating the public key 

7 information comprises generating reference information related to how a public key can be 

8 obtained (See Gupta Col. 6 Paragraphs 3-4 and Col. 7 Paragraph 2). 

9 Regarding claims 8 and 25, Gupta disclosed that the step of generating the reference 

10 information comprises generating an identity of an entity from which the public key can be 

1 1 obtained (See Gupta Col. 6 Paragraphs 3-4, Col. 7 Paragraph 2, and Col. 3 Line 64 - Col. 4 Line 

12 13, wherein the index is the identity, and the entry in the table is the entity). 

13 Regarding claims 9 and 26, Gupta disclosed that the step of generating the reference 

14 information comprises generating a public key identifier for the public key (See Gupta Col. 6 

15 Paragraphs 3-4 and Col. 7 Paragraph 2, the key index). 

16 Regarding claim 10, Gupta disclosed that the step of generating the public key 

17 information comprises generating the public key (See Gupta Col. 6 Paragraph 2). 

18 Regarding claims 15 and 32, Gupta disclosed signing the packet using a private key 

19 corresponding to the Public Key indicated by the validity information in the packet header in a 

20 sending network node (See Gupta Col. 6 Paragraph 4). 
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1 Regarding claim 16, Gupta disclosed performing a validity check of the packet by 

2 referring to the validity information contained in the header of the packet in a receiving node 

3 (See Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2). 

4 Regarding claim 17, Gupta disclosed performing a validity check of a packet by referring 

5 to the validity information contained in the header of the packet in an intermediate node (See 

6 Gupta Fig 7 and Col. 6 Paragraph 5 - Col. 7 Paragraph 2). 

7 Claim Rejections - 35 USC §103 

8 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

9 obviousness rejections set forth in this Office action: 

10 A patent may not be obtained though the invention is not identically disclosed or 

1 1 described as set forth in section 102 of this title, if the differences between the subject matter 

1 2 sought to be patented and the prior art are such that the subject matter as a whole would have 

13 been obvious at the time the invention was made to a person having ordinary skill in the art to 

1 4 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

1 5 the invention was made. 
16 

17 Claim 33 and 35 are rejected under 35 U.S.C. 103(a) as being unpatentable over Gupta. 

18 Regarding claim 33, Gupta disclosed sending IP packets from a sender to a receiver 

19 through a network, but failed to specifically disclose that the sender could be a mobile network 

20 node. However, it was well known in the art at the time of application that packets senders could 

21 be mobile nodes such as laptops, PDAs, telephones, etc., and as such, in order to allow a user 

22 mobility of access to a network, it would have been obvious to the ordinary person skilled in the 

23 art at the time of invention to have incorporated a mobile node as a sender in the system of 

24 Gupta. 
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1 Regarding claim 35, Gupta disclosed validating packets at a recipient (router) but failed 

2 to specifically disclose validating the packets at the end recipient as well. However, it would 

3 have been obvious to the ordinary person skilled in the art at the time of invention to have 

4 performed the packet validation at the recipient as well. This would have been obvious because 



5 the ordinary person skilled in the art would have been motivated to ensure that the packet was 

6 properly transmitted from the router to the recipient without error or illicit modification. 

7 Claims 12-14, and 29-31 are rejected under 35 U.S.C. 103(a) as being unpatentable over 

8 Gupta as applied to claims 1, 18, 19, and 20 above, and further in view of Naudus (US Patent 

9 Number 6,202,081). 

10 Regarding claims 12-14, and 29-3 1, Gupta disclosed validation of packets, but failed to 

1 1 disclose that the step of generating the validity information comprises generating an information 

12 item for preventing replay attacks. 

13 Naudus teaches that in a packet filtering system, packets should include timestamps in 

14 order to prevent replay attacks. Naudus further teaches that "[r]eplay attacks occur when a 

1 5 malicious user gains access to a router or other network device on a computer network that is 



16 forwarding data packets. Legitimate data packets are intercepted and then re-sent at a later time 

17 to allow the malicious user to appear as a legitimate user. A firewall helps prevent replay attacks 

1 8 by checking a time-stamp in the data packet that prevents the data packets from being re-sent at a 

1 9 later time." (See Naudus Col. 2 Paragraph 4). 

20 It would have been obvious to the ordinary person skilled in the art at the time of 

21 invention to employ the teachings of Naudus in the packet validity checking system of Gupta by 

22 including a timestamp in each packet and verifying the timestamp at the validity checker. This 
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1 would have been obvious because the ordinary person skilled in the art would have been 

2 motivated to prevent replay attacks in the network. In this combination, the inclusion of a 

3 timestamp in each packet, in itself, is an indication of a procedure to be used for anti replay 

4 attacks. 

5 Regarding claims 4, 22, 38, and 39, Gupta did not specifically teach that the step of 

6 generating the algorithm information comprises generating the algorithm information which 

7 indicates an algorithm to be used for performing the validity check of the packet. However, as 

8 taught by Naudus, in Col. 6 Line 60 - Col. 7 Line 7, it is well known to include in the packet 

9 header, an identification of which algorithm was used to sign the packet. As such, it would have 

10 been obvious to have included this information within the packet. Furthermore, the ordinary 

1 1 person skilled in the art at the time of invention would have recognized that this would allow for 

12 the user of a multiplicity of signature algorithms, as well as allowing updating of the signature 

13 algorithms in the future, and therefore it would have been obvious to have included an indication 

14 of the signature algorithm in the packet. 

15 Claims 1 1, 27, and 28 are rejected under 35 U.S.C. 103(a) as being unpatentable over 

16 Gupta as applied to claims 6 and 23 above, and further in view of Nikander (US Patent Number 

17 7,155,500). 

1 8 Gupta disclosed including public key information within the packets, but failed to 

19 specifically disclose including the public key itself within the packets or that the step of 

20 generating the public key information comprises generating public key verification information 

21 indicating information in order to verify that the public key actually belongs to the sending node. 



4 
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1 Gupta did disclose that the public and private key pairs can be generated and stored'in a 

2 certification server (See Col. 4 Paragraph 2). 

3 Nikander teaches that by including a public key itself and the certificate of the, public key, 

4 the receiving host can verify that the public key is truly owned by the sender (See Nikander Col. 

5 10 Line 50 -Col. 12 Line 9). 

6 It would have been obvious to the ordinary person skilled in the art at the time of 

7 invention to employ the teachings of Nikander in the packet verification system of Gupta by 

8 including the public key and public key certificate within each packet and verifying that the 

9 sender of each packet owned the public key used to sign the packet. This would have been 

10 obvious because the ordinary person skilled in the art would have been motivated to ensure that a 

1 1 malicious node was not claiming to be a different node. 

12 Conclusion 

13 Claims 1-41 have been rejected. 

14 The prior art made of record and not relied upon is considered pertinent to applicant's 

15 disclosure. 

16 Any inquiry concerning this communication or earlier communications from the 

17 examiner should be directed to Matthew T. Henning whose telephone number is (571) 272-3790. 

1 8 The examiner can normally be reached on M-F 8-4. 

19 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

20 supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 

21 organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Matthew Henning/ 
Assistant Examiner 
Art Unit 2131 
11/21/2007 



SUPERVISORY PATENT twwiwi 
TCCHN0L06Y CENTER 2100 




